LiteLLM Supply Chain Compromise | Episode 47

LiteLLM Supply Chain Compromise | Episode 47

From AI Security Ops by Black Hills Information Security

April 13, 2026 · 20 min · Episode 47

About this episode

The episode discusses the LiteLLM supply chain compromise and its implications for AI security.

In this episode of BHIS Presents: AI Security Ops, the team breaks down the LiteLLM supply chain compromise–a real-world attack that shows how AI systems are being breached through the same old software supply chain weaknesses. What initially looked like a bad release quickly escalated into a full-scale compromise affecting a library downloaded millions of times per day. But LiteLLM wasn’t the starting point–it was just one link in a much larger attack chain involving compromised security tools, CI/CD pipelines, and stolen publishing credentials. The result? Malicious packages distributed at scale, harvesting secrets, enabling lateral movement, and establishing persistence across affected systems. We dig into: • What LiteLLM is and why it’s such a high-value target • How the attack chain started with compromised security tooling (Trivy, Checkmarx) • How unpinned dependencies enabled the compromise • The role of CI/CD pipelines in exposing sensitive credentials • What the malicious LiteLLM packages actually did (credential harvesting, persistence, lateral movement) • The scale of impact given LiteLLM’s widespread adoption • Why supply chain attacks are no longer theoretical–and no…

People in this episode

Host: Black Hills Information Security

Topics covered

  • supply chain compromise
  • AI security
  • malicious packages
  • CI/CD pipelines
  • credential harvesting
  • infrastructure failure

Keywords

  • LiteLLM
  • supply chain attack
  • AI systems
  • security tools
  • CI/CD
  • credential harvesting
  • malicious packages
  • infrastructure failure

Mentioned in this episode

Organizations: Trivy, Checkmarx

Products: LiteLLM

More episodes of AI Security Ops

Explore listener stats, chart rankings, contacts and more on the AI Security Ops podcast page.